Apps using a vulnerable NuGet package will get served the patched Assembly via GAC Publisher Policy.

Conclusions

I am now more confident that using NuGet packages I get critical updates for my applications when needed when Windows Update is used.

But: I would like to see a more recent document about the treatment of Security issues in NuGet. (Pease leave a comment if you have something and I will update the post). And I would like to know why the NuGet package feed list is empty.

Summary: I will show you how to create a very simple web application with user authentication. Users can register, log in, create diary entries (text) and visualize their entries.

In part one we will create, test and refactor the application locally on our computer. Although the app is very simple we will touch a lot of different technologies. You will also see some issues you may experience when starting with ASP.NET MVC in Visual Studio and how to fix them.

In part two we will publish our app to the cloud (Azure). Please subscribe to get notified when part two is finished.

Show result of data-model change: “Server Error in Application. The model backing the ‘ApplicationDbContext” context has changed since the database was created. Consider using Code First Migrations to update the database”

Your global authentication-default is “requires authentication”. You create a new action method on a controller that should be accessible without authentication and forget to add the [AllowAnonymous] attribute.

Resultingissue: You try your application, can’t enter that new page and fix it. In the worst case you didn’t do your homework and a customer/user finds the bug and complains to you.

Which issue would you rather have to deal with?

I personally prefer the whitelisting approach and err on the side of caution.

Have you been thinking of starting a blog? Then you probably know that it can look like a huge and frightening task…

I have thought about starting one several times in the past.

I then asked myself a lot of questions and got overwhelmed by the answers I found by myself or using google:

How to name my blog?

Which blogging platform to use?

As a IT professional, should I install and setup my baby manually?

What to blog about?

What language to blog in (with German, English and Spanish to choose from in my case)?

Do I have anything to add to the internet? So much stuff already out there….

Who am I, to <fill in the blank>?

If you have an introvert tendency like me all these unknowns can give you the excuses you need to NOT get started at all.

Luckily I stumbled over John Sonmez SimpleProgrammer-website and Youtube-channel. After consuming a lot of his free content he is putting out there I finally tried his blog-course and I am glad I did! He managed to simplify the task at hand and use his psychology skills to destroy all your excuses one after another so you can’t help but get that thing up and running!